Topics:
Security
JailBroken iPhones Targeted By Rick-Rolling Worm
In case you're not aware, jailbroken iPhones may be able to run on various mobile networks, and run unofficial software - but the price paid is significant loss of security. As The Internet Storm Center pointed out in a post late Saturday: One of the problems with most jailbroken iPhones is that they run various services, including SSH among the others. The installation of SSH service is terribly insecure and, besides allowing remote root login, also leaves a default password on most jailbroken iPhones. Not good. And this common condition with jailbroken iPhones was also used in an attack in the Netherlands where the malware creator installed a backdoor enabled Trojan that demanded 5 Euros for removal. The new worm, however, spreads on its own, and after it infects an iPhone it will perform a scan of 3G IP addresses. It will then attempt to copy itself to the phone by logging in with root access. If successful, the worm will change the background of the phone to a photo of the 1980s pop star Rick Astley - a sort of "Rick Roll." Last year it became a popular social network meme for users to use small URLs (which hide the true hyperlink destination) so send users to the 1987 song Never Gonna Give You Up. There is a photo of a hijacked iPhone in this Dark Reading post. Is this a dangerous worm? All worms are dangerous - as unauthorized code being executed by someone not authorized by the phone's owner is always a security risk. But it seems the goal of this worm was to raise awareness. The worm's author wouldn't have done something so blatant as to change the wallpaper had discovery not been the goal. It's also a harbinger of things to come. And just as most of the first PC worms and viruses did little more than propagate or play simple songs before becoming malicious -- I'd expect the same progression on mobile phones.
« OfficeMedium Offers An Intranet And Collaboration Service | Main | The Klondike Bar Problem » |
| Sign Up Now For InformationWeek News Alerts |
This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
